Beware! Judy Malware Has Infected Millions Of Android Smartphones

User Review

0(0 votes)

Judy Malware: Check Point is a company that examines viruses and the malware which affect smartphones. Recently, Check Point has reported a new malicious software ‘Judy.’ Judy has infected more than millions of Android devices. Judy is another malicious software noticed in the Google play store.

Check Point reported the news on May 25. We have already told that Google’s official app store has many malicious apps which they keep on searching. Judy is an auto-clicking adware. Recently, Judy was seen on 41 apps produced by a Korean company. You will be shocked to know that Judy is on Play Store since April 2016. There are apps which are connected with Judy. Those apps have been downloaded by 4.5 million to 18.5 million Android users. The number of devices infected by Judy is not yet registered.

Beware! Judy Malware Has Infected Millions Of Android Smartphones

According to Check Point, the hackers develop an apparently good app to connect with Android device and post into the app store. After downloading the app, the users get registered which build a link with the C&C server. The server responds with the original malware payload, which involves JavaScript code, a user-agent string, and URLs.

All of these managed by the malware producer. The malware starts the URLs utilizing the user operator that mimics a PC browser in a private web page and accepts a redirection to a different website. After the launch of the website, the JavaScript code is used to find and select the banners from the Google ads infrastructure. After this process, the malware creator obtains money from the website holder. The owner pays for the illegal clicks and traffic.

Till now, Judy has not stolen any personal information of the users but can do so in future. Judy malware software can indeed beat Google’s Bouncer security. It builds a private access between victim’s device and the malware server, through which it can probably steal secret information like credit card data and passwords from a device.

The most shocking part is that the malicious app comes from a popular app producing Korean company, Kiniwini. The company is registered in Google Play as ENISTUDIO corp. It builds apps for both Android and iOS devices. If you have downloaded the app, then immediately format your device.